Install Confluent Platform On-Premises

Use this documentation to install Confluent Platform in your on-premises environment.

Looking for a fully managed cloud-native service for Apache Kafka®?

Sign up for Confluent Cloud and get started for free using the Cloud quick start.

Production Environments

Use the following installation methods to deploy a production-ready multi-node Confluent Platform environment.

Orchestrated Installation

• Confluent for Kubernetes
• Ansible Playbooks for Confluent Platform

Manual Installation

• Install Confluent Platform using ZIP and TAR Archives
• Install Confluent Platform using Systemd on Ubuntu and Debian
• Install Confluent Platform using Systemd on RHEL, CentOS, and Fedora-based Linux
• Install Confluent Platform Using Docker

For instructions to install Confluent Platform on AWS Outpost, see Confluent Platform on AWS Outposts.

Development Environments

Use these installation methods to quickly get a Confluent Platform development environment up and running, such as on your laptop.

The following options are available:

• Quick Start for Confluent Platform

  Use the Confluent Platform Docker images or the confluent local Confluent CLI to locally install Confluent Platform in development/testing environments.

  Note

  If you are on a Macbook M1, you can use the Confluent CLI and the ARM64 version of the Confluent Platform Docker images for local install. The confluent local subcommands are currently not supported on the ARM64 environment. The ARM64 is in preview support at this time for the Confluent Platform Docker images. For more details, see Install Confluent Platform Using Docker.

• Automated quick start

  Run the automated version of the above Quick Start designed for Confluent Platform local installs.

Confluent Signing Keys

You can use the following GPG signing key to verify the integrity of the Confluent Platform installation package:

• 4096R/8b1da6120c2bf624 (2021-05-03): Confluent Packaging <packages@confluent.io>

  Fingerprint: cbbb 821e 8faf 364f 7983 5c43 8b1d a612 0c2b f624

  Status: Active

• 4096R/670540c841468433 (2015-02-06): Confluent Packaging <packages@confluent.io>

  Fingerprint: 1a77 041e 0314 e6c5 a486 524e 6705 40c8 4146 8433

  Status: Revoked

Revoke Older Keys

Consult your operating system or software’s manual pages for revoking GPG keys. Below are common methods of revoking older keys. The examples below assume you wish to revoke your trust in an older key-id 670540c841468433 (Shorter form 41468433)

Revoke in GnuPGP

gpg --delete-key 41468433
gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 8b1da6120c2bf624

Revoke in Debian Linux Based Distributions

If you see APT showing you an error similar to the following:

- Err:4 ``https://packages.confluent.io/deb/7.7`` stable InRelease

  The following signatures couldn't be verified because the public key is not
  available: NO_PUBKEY KEY_ID

  Reading package lists... Done

  W: GPG error: ``https://packages.confluent.io/deb/7.7`` stable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY KEY_ID

  E: The repository '``https://packages.confluent.io/deb/7.7`` stable InRelease' is not signed.

  N: Updating from such a repository can't be done securely, and is therefore disabled by default.

  N: See apt-secure(8) manpage for repository creation and user configuration details.

Then, revoke the old key and import the latest:

sudo apt-key del 41468433
wget -qO - https://packages.confluent.io/deb/7.7/archive.key | sudo apt-key add -

Revoke in Redhat Linux Based Distributions

If a YUM/DNF shows you a warning similar to the following:

warning: /path/to/new/package: Header V4 RSA/SHA1 Signature, key ID KEY_ID: NOKEY

Then, revoke the old key and import the latest. Note that, internally, RPM stores imported GPG keys as gpg-pubkey-${FINGER_PRINT}-${CREATION_TIME}:

sudo rpm -e gpg-pubkey-41468433-54d512a8
sudo rpm --import https://packages.confluent.io/rpm/7.7/archive.key